Dell PowerConnect W Clearpass 100 Software ArubaOS Integration Guide - Page 10

Amigopod and ArubaOS Integration Application Note Captive Portal Authentication Workflow Figure 2 shows the phases that a guest user passes through during a captive portal authentication process. In the Aruba system, the mobility controller acts as the network access server (NAS) and Amigopod acts as the RADIUS server. Figure 2 details the captive portal authentication workflow. Guest Mobility Controller (NAS) Amigopod VMA Associates [1] Redirects Complete login form Automated NAS login Unregistered role Browse to Landing page [2] Submit form [3] Login Message page [4] Access-Request [5] Access-Accept [6] Guest role [7] States: Unauthorized Authenticating Authorized Web login Authentication Authorization Internet browsing Accounting-Request [8] Accounting-Response Accounting-Request [9] Accounting-Response [9] Session timeout [10] Accounting-Request [11] Accounting-Response Accounting Interim Accounting Accounting arun_0540 Figure 2 Workflow for captive portal authentication 1. The guest user associates their Wi-Fi device to the guest SSID. In the baseline VRD configuration, this SSID is "Guest-Network." 2. The guest user opens a browser. Based on the configured home page or requested web page, the initial HTTP traffic is intercepted by the Aruba controller and redirected to the Amigopod web login page defined in the captive portal profile. 3. The guest user enters their user credentials on the Amigopod web login page. Amigopod performs any preauthorization checks that are required and displays the login message to the guest user. Aruba Networks, Inc. Captive Portal Authentication | 10